Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

8

69f2201e93...d5.apk

android-9-x86

4

Analysis

  • max time kernel
    2642607s
  • max time network
    161s
  • platform
    android_x86
  • resource
    android-x86-arm-20231215-en
  • resource tags

    androidarch:armarch:x86image:android-x86-arm-20231215-enlocale:en-usos:android-9-x86system
  • submitted
    23/12/2023, 18:35 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    69f2201e9320feb169b2685fd2d9cf5d6b1016c6b3963636ae8a465727e9a5d5.apk

  • Size

    21.5MB

  • MD5

    846b0d4d991bc38263e998d3ec9db369

  • SHA1

    97faeb88eba7584c45183f6be7a7e346b0cb1bcc

  • SHA256

    69f2201e9320feb169b2685fd2d9cf5d6b1016c6b3963636ae8a465727e9a5d5

  • SHA512

    c8d56f2bde8438d3b4a13b38499523d316d1a714cc15391c0e5657cac870053bbec94ed60e3a1543827734f4aab95211acc1bbcc54ce9d694a34f2c56a370b54

  • SSDEEP

    393216:lRKDUCV5VK058I8urfcumCIfGirfWhT56kxjjdYuAnI9A0j9lKGw3:/8ZJ/8yVmHGir2RljdtAINRlM

Score
4/10

Malware Config

Signatures

  • Uses Crypto APIs (Might try to encrypt user data) 1 IoCs

Processes

  • com.jdd.motoqixing
    1⤵
    • Uses Crypto APIs (Might try to encrypt user data)
    PID:4510

Network

  • flag-us
    DNS
    mpush-api.aliyun.com
    Remote address:
    1.1.1.1:53
    Request
    mpush-api.aliyun.com
    IN A
    Response
    mpush-api.aliyun.com
    IN CNAME
    sh.wagbridge.aliyun.aliyun.com
    sh.wagbridge.aliyun.aliyun.com
    IN CNAME
    aliyun-adns.aliyun.com
    aliyun-adns.aliyun.com
    IN CNAME
    aliyun-adns.aliyun.com.vipgds.alibabadns.com
    aliyun-adns.aliyun.com.vipgds.alibabadns.com
    IN A
    140.205.60.46
    aliyun-adns.aliyun.com.vipgds.alibabadns.com
    IN A
    140.205.135.3
    aliyun-adns.aliyun.com.vipgds.alibabadns.com
    IN A
    106.11.172.6
    aliyun-adns.aliyun.com.vipgds.alibabadns.com
    IN A
    106.11.253.83
    aliyun-adns.aliyun.com.vipgds.alibabadns.com
    IN A
    106.11.249.99
    aliyun-adns.aliyun.com.vipgds.alibabadns.com
    IN A
    106.11.172.5
  • flag-us
    DNS
    mpush-api.aliyun.com
    Remote address:
    1.1.1.1:53
    Request
    mpush-api.aliyun.com
    IN A
  • flag-us
    DNS
    api.jddmoto.com
    Remote address:
    1.1.1.1:53
    Request
    api.jddmoto.com
    IN A
    Response
    api.jddmoto.com
    IN A
    39.106.67.173
  • flag-us
    DNS
    api.jddmoto.com
    Remote address:
    1.1.1.1:53
    Request
    api.jddmoto.com
    IN A
  • flag-us
    DNS
    log-center.jdd.com
    Remote address:
    1.1.1.1:53
    Request
    log-center.jdd.com
    IN A
    Response
    log-center.jdd.com
    IN A
    123.59.112.204
  • flag-us
    DNS
    res.jddmoto.com
    Remote address:
    1.1.1.1:53
    Request
    res.jddmoto.com
    IN A
    Response
  • flag-us
    DNS
    alog.umeng.com
    Remote address:
    1.1.1.1:53
    Request
    alog.umeng.com
    IN A
    Response
    alog.umeng.com
    IN CNAME
    alog.umeng.com.gds.alibabadns.com
    alog.umeng.com.gds.alibabadns.com
    IN CNAME
    alog-default.umeng.com
    alog-default.umeng.com
    IN A
    223.109.148.179
    alog-default.umeng.com
    IN A
    223.109.148.176
    alog-default.umeng.com
    IN A
    223.109.148.178
    alog-default.umeng.com
    IN A
    223.109.148.141
    alog-default.umeng.com
    IN A
    223.109.148.177
    alog-default.umeng.com
    IN A
    223.109.148.130
  • flag-us
    DNS
    alog.umeng.com
    Remote address:
    1.1.1.1:53
    Request
    alog.umeng.com
    IN A
  • flag-us
    DNS
    android.apis.google.com
    Remote address:
    1.1.1.1:53
    Request
    android.apis.google.com
    IN A
    Response
    android.apis.google.com
    IN CNAME
    clients.l.google.com
    clients.l.google.com
    IN A
    216.58.201.110
  • flag-us
    DNS
    mpush-api.aliyun.com
    Remote address:
    1.1.1.1:53
    Request
    mpush-api.aliyun.com
    IN A
    Response
    mpush-api.aliyun.com
    IN CNAME
    sh.wagbridge.aliyun.aliyun.com
    sh.wagbridge.aliyun.aliyun.com
    IN CNAME
    aliyun-adns.aliyun.com
    aliyun-adns.aliyun.com
    IN CNAME
    aliyun-adns.aliyun.com.vipgds.alibabadns.com
    aliyun-adns.aliyun.com.vipgds.alibabadns.com
    IN A
    106.11.172.6
    aliyun-adns.aliyun.com.vipgds.alibabadns.com
    IN A
    140.205.135.3
    aliyun-adns.aliyun.com.vipgds.alibabadns.com
    IN A
    106.11.253.83
    aliyun-adns.aliyun.com.vipgds.alibabadns.com
    IN A
    106.11.172.5
    aliyun-adns.aliyun.com.vipgds.alibabadns.com
    IN A
    140.205.60.46
    aliyun-adns.aliyun.com.vipgds.alibabadns.com
    IN A
    106.11.249.99
  • flag-us
    DNS
    alog.umeng.co
    Remote address:
    1.1.1.1:53
    Request
    alog.umeng.co
    IN A
    Response
  • flag-us
    DNS
    mpush-api.aliyun.com
    Remote address:
    1.1.1.1:53
    Request
    mpush-api.aliyun.com
    IN A
    Response
    mpush-api.aliyun.com
    IN CNAME
    sh.wagbridge.aliyun.aliyun.com
    sh.wagbridge.aliyun.aliyun.com
    IN CNAME
    aliyun-adns.aliyun.com
    aliyun-adns.aliyun.com
    IN CNAME
    aliyun-adns.aliyun.com.vipgds.alibabadns.com
    aliyun-adns.aliyun.com.vipgds.alibabadns.com
    IN A
    140.205.60.46
    aliyun-adns.aliyun.com.vipgds.alibabadns.com
    IN A
    140.205.135.3
    aliyun-adns.aliyun.com.vipgds.alibabadns.com
    IN A
    106.11.253.83
    aliyun-adns.aliyun.com.vipgds.alibabadns.com
    IN A
    106.11.249.99
    aliyun-adns.aliyun.com.vipgds.alibabadns.com
    IN A
    106.11.172.6
    aliyun-adns.aliyun.com.vipgds.alibabadns.com
    IN A
    106.11.172.5
  • flag-us
    DNS
    mpush-api.aliyun.com
    Remote address:
    1.1.1.1:53
    Request
    mpush-api.aliyun.com
    IN A
  • 123.59.112.204:443
    log-center.jdd.com
    300 B
     5
  • 140.205.60.46:80
    mpush-api.aliyun.com
    180 B
     3
  • 142.250.179.238:443
    tls, https
    858 B
     40 B
     1
    1
  • 216.58.201.110:443
    android.apis.google.com
    tls
    4.1kB
     9.2kB
     20
    22
  • 39.106.67.173:443
    api.jddmoto.com
    300 B
     5
  • 39.106.67.173:443
    api.jddmoto.com
    300 B
     5
  • 39.106.67.173:443
    api.jddmoto.com
    300 B
     5
  • 39.106.67.173:443
    api.jddmoto.com
    300 B
     5
  • 39.106.67.173:443
    api.jddmoto.com
    300 B
     5
  • 39.106.67.173:443
    api.jddmoto.com
    300 B
     5
  • 223.109.148.179:80
    alog.umeng.com
    240 B
     4
  • 140.205.135.3:80
    mpush-api.aliyun.com
    180 B
     3
  • 106.11.172.6:80
    mpush-api.aliyun.com
    180 B
     3
  • 223.109.148.176:80
    alog.umeng.com
    240 B
     4
  • 106.11.253.83:80
    mpush-api.aliyun.com
    180 B
     3
  • 123.59.112.204:443
    log-center.jdd.com
    300 B
     5
  • 106.11.249.99:80
    mpush-api.aliyun.com
    180 B
     3
  • 39.106.67.173:443
    api.jddmoto.com
    300 B
     5
  • 223.109.148.178:80
    alog.umeng.com
    240 B
     4
  • 106.11.172.5:80
    mpush-api.aliyun.com
    180 B
     3
  • 223.109.148.141:80
    alog.umeng.com
    240 B
     4
  • 106.11.172.6:80
    mpush-api.aliyun.com
    180 B
     3
  • 140.205.135.3:80
    mpush-api.aliyun.com
    180 B
     3
  • 223.109.148.177:80
    alog.umeng.com
    240 B
     4
  • 106.11.253.83:80
    mpush-api.aliyun.com
    180 B
     3
  • 106.11.172.5:80
    mpush-api.aliyun.com
    180 B
     3
  • 223.109.148.130:80
    alog.umeng.com
    240 B
     4
  • 140.205.60.46:80
    mpush-api.aliyun.com
    180 B
     3
  • 106.11.249.99:80
    mpush-api.aliyun.com
    180 B
     3
  • 140.205.60.46:80
    mpush-api.aliyun.com
    180 B
     3
  • 140.205.135.3:80
    mpush-api.aliyun.com
    180 B
     3
  • 106.11.253.83:80
    mpush-api.aliyun.com
    180 B
     3
  • 106.11.249.99:80
    mpush-api.aliyun.com
    120 B
     2
  • 224.0.0.251:5353
    3.7kB
     11
  • 1.1.1.1:53
    mpush-api.aliyun.com
    dns
    132 B
     277 B
     2
    1

    DNS Request

    mpush-api.aliyun.com

    DNS Request

    mpush-api.aliyun.com

    DNS Response

    140.205.60.46
    140.205.135.3
    106.11.172.6
    106.11.253.83
    106.11.249.99
    106.11.172.5

  • 1.1.1.1:53
    api.jddmoto.com
    dns
    122 B
     77 B
     2
    1

    DNS Request

    api.jddmoto.com

    DNS Request

    api.jddmoto.com

    DNS Response

    39.106.67.173

  • 1.1.1.1:53
    log-center.jdd.com
    dns
    64 B
     80 B
     1
    1

    DNS Request

    log-center.jdd.com

    DNS Response

    123.59.112.204

  • 1.1.1.1:53
    res.jddmoto.com
    dns
    61 B
     135 B
     1
    1

    DNS Request

    res.jddmoto.com

  • 1.1.1.1:53
    alog.umeng.com
    dns
    120 B
     227 B
     2
    1

    DNS Request

    alog.umeng.com

    DNS Request

    alog.umeng.com

    DNS Response

    223.109.148.179
    223.109.148.176
    223.109.148.178
    223.109.148.141
    223.109.148.177
    223.109.148.130

  • 1.1.1.1:53
    android.apis.google.com
    dns
    69 B
     109 B
     1
    1

    DNS Request

    android.apis.google.com

    DNS Response

    216.58.201.110

  • 1.1.1.1:53
    mpush-api.aliyun.com
    dns
    66 B
     277 B
     1
    1

    DNS Request

    mpush-api.aliyun.com

    DNS Response

    106.11.172.6
    140.205.135.3
    106.11.253.83
    106.11.172.5
    140.205.60.46
    106.11.249.99

  • 1.1.1.1:53
    alog.umeng.co
    dns
    59 B
     132 B
     1
    1

    DNS Request

    alog.umeng.co

  • 1.1.1.1:53
    mpush-api.aliyun.com
    dns
    132 B
     277 B
     2
    1

    DNS Request

    mpush-api.aliyun.com

    DNS Request

    mpush-api.aliyun.com

    DNS Response

    140.205.60.46
    140.205.135.3
    106.11.253.83
    106.11.249.99
    106.11.172.6
    106.11.172.5

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /data/data/com.jdd.motoqixing/app_crashrecord/1004
    Filesize

    229B

    MD5

    f553e690e7cf346aad19e1b6e0739f58

    SHA1

    d6bb1265f3df8e0e31ba420229e161c853a8f2ef

    SHA256

    1a3ea1ec6b27993c36ef581431e7636f6e5025dc378d85134d16855c9a67732f

    SHA512

    56a5f74cc669bf7f0cce908786dd618d96f54302f898a18d0769afbe3484ded0aee622180880fb1b6f8c1ef5e37e52fea8446c6e884a8c6fd0b786925900978a

    Download Submit

  • /data/data/com.jdd.motoqixing/app_crashrecord/1004
    Filesize

    58B

    MD5

    0d210bfb2a0e1f1b4c082a6a0f79de07

    SHA1

    bb8ed9e364db79d1d9f2fcde3f15091893222faa

    SHA256

    988722c23d78a46021d0e7ca9deee7aa8bb83288269174ffacb7316f381cca1d

    SHA512

    536e9867b0df29b15b789f8949be6ab37fcdeccb9d39ded981da7dc2052c9533d0ec0e6f9a5444132977605d372e1463d91bdde41b528ff2ca3f65ab152325c1

    Download Submit

  • /data/data/com.jdd.motoqixing/cache/default.keystore
    Filesize

    142B

    MD5

    f3e92a4090ab315b58c58829c30b4a04

    SHA1

    8dfc3749a2d235c12b9a03f1d04a71c0e4634978

    SHA256

    8dea3635f9fe5feaa17f60726524ae5d1c20a05c01fa0c8c0ce21a02e64bc783

    SHA512

    8f2ea177fcccc5facf9ebf1576c67c19e07bb80ac1f74c0897a4dfcba1f9e9c47aabc390a20df5fe4f3a99c81c89006e3592db2cb2aa837def5a1bf1055028cd

    Download Submit

  • /data/data/com.jdd.motoqixing/cache/journal.tmp
    Filesize

    36B

    MD5

    37e8e716e0e2f4a0b05cd9571d95b84d

    SHA1

    f8d068f6931707bddb8cd69f706f2224ad1fea3c

    SHA256

    7080cb592d5149c858b206d3fd0d5e3e7d601f120af00b2616bee928ee1291ca

    SHA512

    e62b850901835fdb73fa6224618422f721dd765861d42f6bc2dd013413e96bd910ac5313afd9b4f63da74beb12a15fac81b5157456c9caa3031862dab84423f6

    Download Submit

  • /data/data/com.jdd.motoqixing/databases/bugly_db_-journal
    Filesize

    512B

    MD5

    66e61fde0625a0ee2bd6da1dc8ea0530

    SHA1

    51918424c3c5bf644e93013c931dbbe38b287eb8

    SHA256

    0c287e5f80af905429af0cd3d91f029f5d4eac580d328de1364415bb8c29f87f

    SHA512

    06fdefeb62ad4a6997d04d7a3bd1a895c747ceb84dfb8599406ea14d49619c6024e8dca404e7b9383af380c77b897bf45809400a318b7495d48224acb0a82487

    Download Submit

  • /data/data/com.jdd.motoqixing/databases/bugly_db_-shm
    Filesize

    28KB

    MD5

    cf845a781c107ec1346e849c9dd1b7e8

    SHA1

    b44ccc7f7d519352422e59ee8b0bdbac881768a7

    SHA256

    18619b678a5c207a971a0aa931604f48162e307c57ecdec450d5f095fe9f32c7

    SHA512

    4802861ea06dc7fb85229a3c8f04e707a084f1ba516510c6f269821b33c8ee4ebf495258fe5bee4850668a5aac1a45f0edf51580da13b7ee160a29d067c67612

    Download Submit

  • /data/data/com.jdd.motoqixing/databases/bugly_db_-wal
    Filesize

    76KB

    MD5

    a7db0de581905f3ef16cc0612628aab4

    SHA1

    8d803fae6e3e7a50ea890e1f841f97def0291724

    SHA256

    05e4d1506d88b3746ccec9f7474aad871470a08fd162789886dc22d5dfec5721

    SHA512

    d56324bb627a60808477f60f731225957b2901a899b56907e01cb13ab90d8eec2c9773df5d3bdf6f8f7529d9c75e09e2d9bb97228cf68458063eb0aa0b952d47

    Download Submit

  • /data/data/com.jdd.motoqixing/databases/jdd_motorfans.db
    Filesize

    4KB

    MD5

    f2b4b0190b9f384ca885f0c8c9b14700

    SHA1

    934ff2646757b5b6e7f20f6a0aa76c7f995d9361

    SHA256

    0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

    SHA512

    ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

    Download Submit

  • /data/data/com.jdd.motoqixing/databases/jdd_motorfans.db-journal
    Filesize

    512B

    MD5

    aa80ea8cd2309866e431f45c052dbee8

    SHA1

    becc606073c9e6f521972b715950f66f19350bf4

    SHA256

    628499ad8df4c320247fa0c4bf2411f2ee334d89f0a2ef46fb0bc4bdc6477a49

    SHA512

    fe482426b69635c86fe45cd6b8c1166af83dc5e0e8fcb7c6cc2ea10200815a204916d06395ca3b9ca9a114002a98dca9f19a363905d0a69d0c8edfc9e25f7fcc

    Download Submit

  • /data/data/com.jdd.motoqixing/databases/jdd_motorfans.db-wal
    Filesize

    16KB

    MD5

    39e909d7da844e4aa39f500bd1711742

    SHA1

    5bba72fb10a985ba262378e137f614d80afed3e9

    SHA256

    a1f293f15fb3da6efd5d630bbc0f11e6f29c319e2a2526e8e74e78376c2e6f2b

    SHA512

    47b2b8828c45f3a02e42c10ad9f9be3c188aec38cc4a70907959f415a157fc87ed71e57d6ca713028d43a308b22e011b9f942ba765d9640412035314c0eb4686

    Download Submit

  • /data/data/com.jdd.motoqixing/files/.um/um_cache_1703449605042.env
    Filesize

    614B

    MD5

    a8d428f7b80924cc3c0d6bea0acfa4ec

    SHA1

    c56da2eaf2bd3b93a1dc9c8d7782bd4febea3688

    SHA256

    5b0b359eabe6ab235c374ad496e71eb71bc999cc6260b4ea5a1aab0c1571fe6b

    SHA512

    292a58e1009d05202b8667d2bf31cee1f58aa96c92a8a77661f50211152d767c4e47c7df25ddf56d961cc1a8ef2fac0e50ee306b5795cf74660a370c935f2635

    Download Submit

  • /data/data/com.jdd.motoqixing/files/umeng_it.cache
    Filesize

    310B

    MD5

    ad5fcafe0ed6ecac494f8b4b4cc9e743

    SHA1

    f7bf7749ce56950eaad180dd8feefd064e455503

    SHA256

    68ae887e9733b855d1eb6c10219f476d52c4dd7e0e4e91d02d2fd616b5a6943e

    SHA512

    5771387bebb45b80a38d9e3c1df003a2097736f94be869c502a351742fe8b0843c91338e631628628254af24746790467361c851ec32bc3a1944d30535201e51

    Download Submit

  • /storage/emulated/0/.DataStorage/ContextData.xml
    Filesize

    111B

    MD5

    bbe27b61bd47409e186bf9acf77e7ee8

    SHA1

    eba40bdbde3fc7c2a32d9673ac5b68a19797a840

    SHA256

    f14e07420955b3fda8d661bc6b4d9dc09740059eda99c6f8d875f33ebee75105

    SHA512

    af3f7702af49cb2883ec220ad2e18fcfe6099db52847a7cae9c4a5f625bdf442db682a2f6768381a59db2ddb35174bb74fb5d2f0bbb19c7fce1cbc26cadec817

    Download Submit

  • /storage/emulated/0/.DataStorage/ContextData.xml
    Filesize

    213B

    MD5

    fcf0a86243427a920dcf1ada8fb96ab2

    SHA1

    d8de2f6bf9e064425be9c13f78753d229a738acc

    SHA256

    e0a3ee78505d7896ae1e1777aa4034077f16aac33b96f66bc005e42cd5210bc4

    SHA512

    edd62fbab2e7de44d8fd07d79066503cb5a3f71a69717dbf86f77f05579cf0aef3766bbf8b1bc48b1d5eb6e75c811f9375f2e0108ebc7d095fd53fec5e3cddf8

    Download Submit

  • /storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
    Filesize

    65B

    MD5

    9781ca003f10f8d0c9c1945b63fdca7f

    SHA1

    4156cf5dc8d71dbab734d25e5e1598b37a5456f4

    SHA256

    3325d2a819fdd8062c2cdc48a09b995c9b012915bcdf88b1cf9742a7f057c793

    SHA512

    25a9877e274e0e9df29811825bd4f680fa0bf0ae6219527e4f1dcd17d0995d28b2926192d961a06ee5bef2eed73b3f38ec4ffdd0a1cda7ff2a10dc5711ffdf03

    Download Submit

  • /storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
    Filesize

    111B

    MD5

    b606d9df1c9232bf06335fc53cf3cfba

    SHA1

    f3a321438cb979cdb7b6b77af1436771d5779453

    SHA256

    86b83a021b80a01754c9cc964b431240b082dd54ef563d5341d83ca3a8f70010

    SHA512

    5f411d921adddcf827579a99999b8db10ea2745e018ee944545f2648bb649657561867788ebe573b1e26e96962de4fcf4d550b5536c5a962cad27a1315093ecd

    Download Submit

  • /storage/emulated/0/.UTSystemConfig/Global/Alvin2.xml
    Filesize

    167B

    MD5

    2cfb150d167003114ee71830de5b3193

    SHA1

    75e557958b1e29794e1a8e3a1ac81ab63834ec47

    SHA256

    f760d32b145e8705c565cb620b357e61c48f5a84ba69ce7ae12fa7e9f260594e

    SHA512

    042f124f8c11d270cb5f8c7f922a90ac774d2d15bd7ffcbc3806e99bea56c2f261bc32558ee452f2096e0a737ca1b7050f539f6059ece235767deb6abf7ca55f

    Download Submit

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.